<?php
class Authorizator extends Model {
    public $current_user = null;
    
    public function create() {
        $this->password_salt = $this->generate_salt();
        $this->password = $this->encrypt_password($this->password);
        parent::create();
    }
    
    protected function encrypt_password($password) {
        echo "Uncrypted: $password<br />";
        $password_salt = $this->password_salt;
        echo "Salt: $password_salt<br />";
        $static_salt = $this->get_static_salt();
        echo "Static salt: $static_salt<br />";
        $password = sha1($password_salt . $password . sha1($password_salt) . $static_salt);
        echo "Crypted: $password";
        return $password;
    }
    
    protected function generate_salt() {
        $password_salt = md5(time() . 'KLJjl ASUD)9 LKASJD 09*ASD)(* Aklj ALSDJA)(Di  jasd90&ASD*( KJHASD 98');
        return $password_salt;
    }
    
    protected function get_static_salt() {
        return 'iuAOSD*9 hkJASD (8u":ASL09*)(ASD';
    }
    
    public function login() {
        $password = $_POST[$this->class_name . '_password'];
        $password = $this->encrypt_password($password);
        
        if($password == $this->password) {
            $this->set_session();
            return true;
        }
        else {
            return false;
        }
    }
    
    protected function set_session() {
        session_destroy();
        $session_token = $this->generate_session_token();
        $session_id = $this->generate_session_id($session_token);
        session_id($session_id);
        session_start();
        $_SESSION['session_token'] = $session_token;
        $_SESSION['UID'] = $this->id;
    }
    
    protected function generate_session_id($session_token) {
        $session_id = md5($this->id . $this->login . 'jkshd9*9d njkahsd9*S&d9 na' . $session_token);
        return $session_id;
    }
    
    protected function generate_session_token() {
        $session_token = sha1(md5($this->password_salt) . time());
        return $session_token;
    }
    
    protected function destroy_session() {
        session_destroy();
        $_SESSION['session_token'] = null;
        $_SESSION['UID'] = null;
    }
    
    public function valid_session() {
        $session_token = $_SESSION['session_token'];
        echo "Session Token: $session_token<br />";
        $session_id = $this->generate_session_id($session_token);
        echo "Generated Session ID: $session_id<br />";
        echo "Session ID: " . session_id();
        if($session_id == session_id()) {
            return true;
        }
        return false;
    }
    
    public function current_user() {
        if($this->current_user == null) {
            $class = $this->class_name;
            $class = new $class();
            $current_user = $class->find($_SESSION['UID']);
            if($current_user->valid_session()) {
                $this->current_user = $current_user;
                return $this->current_user;
            }
            else {
                return false;
            }
        }
        else {
            return $this->current_user;
        }
    }
}
?>